forked from elastic/beats
-
Notifications
You must be signed in to change notification settings - Fork 0
/
packetbeat.conf
107 lines (84 loc) · 2.9 KB
/
packetbeat.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
###
### Packetbeat Agent configuration file.
###
### Packetbeat is an application monitoring system that works by sniffing
### the network traffic between your application components.
###
### For more configuration options, please visit:
###
### http://packetbeat.com/docs/configuration.html
###
[output]
[output.elasticsearch]
# Comment this option if you don't want to output to Elasticsearch.
enabled = true
# Set the host and port where to find Elasticsearch.
host = "localhost"
port = 9200
# Comment this option if you don't want to store the topology in Elasticsearch.
save_topology = true
[output.redis]
# Uncomment out this option if you want to output to Redis.
# enabled = true
# Set the host and port where to find Redis.
#host = "localhost"
#port = 6379
# Uncomment out this option if you want to store the topology in Redis.
# save_topology = true
[output.file]
# Uncomment the following lines if you want to output to flat files.
#enabled = true
#path="/tmp/packetbeat"
#filename="packetbeat"
#rotate_every_kb=1000
#number_of_files=7
[interfaces]
# Select on which network interfaces to sniff. You can use the "any"
# keyword to sniff on all connected interfaces.
device = "any"
[protocols]
# Configure which protocols to monitor and on which ports are they
# running. You can disable a given protocol by commenting out its
# configuration.
[protocols.http]
ports = [80, 8080, 8000, 5000, 8002]
[protocols.mysql]
ports = [3306]
[protocols.pgsql]
ports = [5432]
#[protocols.redis]
#ports = [6379]
[protocols.thrift]
ports = [9090]
[procs]
# Which processes to monitor and how to find them. The processes can
# be found by searching their command line by a given string.
[procs.monitored.mysqld]
cmdline_grep = "mysqld"
[procs.monitored.pgsql]
cmdline_grep = "postgres"
[procs.monitored.nginx]
cmdline_grep = "nginx"
[procs.monitored.app]
cmdline_grep = "gunicorn"
[agent]
# The name of the agent as it will show up in the web interface. If not
# defined, we will just use the hostname.
#
#name=
# The tags of the agent are included in their own field with each
# transaction published. Tags make it easy to group servers by different
# logical properties.
# tags = ["service1"]
# Uncomment the following if you want to ignore transactions created
# by the server on which the agent is installed. This option is useful
# to remove duplicates if agents are installed on multiple servers.
#ignore_outgoing = true
[passwords]
# Uncomment the following to hide certain parameters in URL or forms attached
# to HTTP requests. The names of the parameters are case insensitive.
# The value of the parameters will be replaced with the 'xxxxx' string.
# This is generally useful for avoiding storing user passwords or other
# sensitive information.
#hide_keywords = ["pass", "password", "passwd"]
# vim: set ft=toml: